Re: Repeatable apt-get WARNING: The following packages cannot be authenticated!
Joel Rees wrote:
On Wed, Apr 16, 2014 at 11:49 PM, Richard Owlett
<rowlett@cloud85.net <mailto:rowlett@cloud85.net>> wrote:
Richard Owlett wrote:
[SNIP]
[...]
root@debian:/home/richard# apt-get install pforth
pforth? Mind if I ask why?
*LOL* not the part of my post for which I expected a comment.
Primarily I needed an easily remembered package that wouldn't be
on any of my test installs. I've been interested in FORTH since
CPM-80 days.
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
pforth
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/81.2 kB of archives.
After this operation, 291 kB of additional disk space will be
used.
WARNING: The following packages cannot be authenticated!
pforth
Install these packages without verification [y/N]?
E: Some packages could not be authenticated
Yeah. I just installed pforth via synaptic without any messages
that I noticed. (Didn't check the logs. Usually, synaptic will
through a GUI flag up when you try to install stuff it doesn't
know how to verify.)
Prior to this test I had used Synaptic and got the equivalent
error message. For documenting my problem using command line was
simpler.
But when I grabbed the source with apt-get source, it told me
what it's telling you there. But before it told me that, it told
me it couldn't find the public key for the key ID F2CF-01A8.
You might want to look around the internet for that
root@debian:/home/richard# find /home/richard/tst/dvd1 -name
'debian-archive-keyring_*_all.__deb'
/home/richard/tst/dvd1/pool/__main/d/debian-archive-keyring/__debian-archive-keyring_2010.__08.28_all.deb
root@debian:/home/richard# dpkg -i
/home/richard/tst/dvd1/pool/__main/d/debian-archive-keyring/__debian-archive-keyring_2010.__08.28_all.deb
(Reading database ... 116472 files and directories currently
installed.)
Preparing to replace debian-archive-keyring 2010.08.28 (using
.../debian-archive-keyring___2010.08.28_all.deb) ...
Unpacking replacement debian-archive-keyring ...
Setting up debian-archive-keyring (2010.08.28) ...
gpg: key F42584E6: "Lenny Stable Release Key
<debian-release@lists.debian.__org
<mailto:debian-release@lists.debian.org>>" not changed
gpg: key 55BE302B: "Debian Archive Automatic Signing Key
(5.0/lenny) <ftpmaster@debian.org
<mailto:ftpmaster@debian.org>>" not changed
gpg: key 6D849617: "Debian-Volatile Archive Automatic Signing
Key (5.0/lenny)" not changed
gpg: key B98321F9: "Squeeze Stable Release Key
<debian-release@lists.debian.__org
<mailto:debian-release@lists.debian.org>>" not changed
gpg: key 473041FA: "Debian Archive Automatic Signing Key
(6.0/squeeze) <ftpmaster@debian.org
<mailto:ftpmaster@debian.org>>" not changed
gpg: Total number processed: 5
gpg: unchanged: 5
This key does not seem to be a debian key? (Which raises some
questions.)
Anyway, the failure to authenticate is due to the missing public
key. You could import the key, but you want to know how much you
want to trust it before you do that. (So look around the 'net.)
I started with a purchased set of Squeeze (6.0.5) DVDs as I'm on
dialup.
I have done multiple installs with that set without this problem
appearing.
The only difference is creating ISO files FROM the DVDs and then
loop mounting to be the repository for the apt-get command.
I'll have to go find the key and instructions for using it.
But that would only be a work-a-round. The ISO file is an image
of a WORKING DVD.
[...]
Since I pulled down the source, I think I'll take a look at it
over the weekend, see if I can tell anything from that. Maybe.
--
Joel Rees
Be careful where you see conspiracy.
Look first in your own heart.
Reply to: